class Slack::Events::Request
Attributes
http_request[R]
signature_expires_in[R]
signing_secret[R]
Public Class Methods
new(http_request, options = {})
click to toggle source
# File lib/slack/events/request.rb, line 13 def initialize(http_request, options = {}) @http_request = http_request @signing_secret = options[:signing_secret] || Slack::Events.config.signing_secret @signature_expires_in = options[:signature_expires_in] || Slack::Events.config.signature_expires_in end
Public Instance Methods
body()
click to toggle source
Request
body.
# File lib/slack/events/request.rb, line 37 def body @body ||= begin body = http_request.body.read http_request.body.rewind body end end
expired?()
click to toggle source
Returns true if the signature coming from Slack
has expired.
# File lib/slack/events/request.rb, line 46 def expired? timestamp.nil? || (Time.now.to_i - timestamp.to_i).abs > signature_expires_in end
signature()
click to toggle source
The signature is created by combining the signing secret with the body of the request Slack
is sending using a standard HMAC-SHA256 keyed hash.
# File lib/slack/events/request.rb, line 27 def signature @signature ||= http_request.get_header('HTTP_X_SLACK_SIGNATURE') end
timestamp()
click to toggle source
Request
timestamp.
# File lib/slack/events/request.rb, line 21 def timestamp @timestamp ||= http_request.get_header('HTTP_X_SLACK_REQUEST_TIMESTAMP') end
valid?()
click to toggle source
Returns true if the signature coming from Slack
is valid.
# File lib/slack/events/request.rb, line 51 def valid? raise MissingSigningSecret unless signing_secret digest = OpenSSL::Digest::SHA256.new signature_basestring = [version, timestamp, body].join(':') hex_hash = OpenSSL::HMAC.hexdigest(digest, signing_secret, signature_basestring) computed_signature = [version, hex_hash].join('=') computed_signature == signature end
verify!()
click to toggle source
Validates the request signature and its expiration.
# File lib/slack/events/request.rb, line 62 def verify! raise TimestampExpired if expired? raise InvalidSignature unless valid? true end
version()
click to toggle source
Signature version.
# File lib/slack/events/request.rb, line 32 def version 'v0' end